<Configuration example>
Overview: - Set primary database of MAC authentication to RADIUS
server and secondary database to local database. Make
configuration so that the authentication is executed using local
database if there is no applicable account on RADIUS server.
- Add the local MAC account assigned to VLAN 1 following
authentication.
1. Set primary database of MAC authentication to RADIUS and
secondary database to Local.
2. Set "Auth Fail Action" of MAC authentication to secondary
database.
3. Add XX:XX:XX:XX:XX:XX to local MAC database. Specify VLAN 1
to VLAN following authentication.
M24eGi> enable
M24eGi# configure
M24eGi(config)# aaa authentication mac primary radius secondary local
M24eGi(config)# aaa authentication mac auth-fail-action secondary-db
M24eGi(config)# aaa authentication auth-mac XX:XX:XX:XX:XX:XX vlan 1
M24eGi(config)# end
M24eGi#
Fig. 4-9-3 Configuration example of authentication function
277
・・・1
・・・2
・・・3